Tootfinder

Ich nutze für #SSH den Clienten #Remmina, leider kann man da seine Accouts nicht exportieren oder sagen wir mal sehr schlecht halt.
Gibt es eine #SSH Software wo seine Accounts exportieren kann ?
Bitte um …

This https://arxiv.org/abs/2312.12422 has been replaced.
link: https://scholar.google.com/scholar?q=a

Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation
The SSH protocol provides secure access to network services, particularly remote terminal login and file transfer within organizational networks and to over 15 million servers on the open internet. SSH uses an authenticated key exchange to establish a secure channel between a client and a server, which protects the confidentiality and integrity of messages sent in either direction. The secure channel prevents message manipulation, replay, insertion, deletion, and reordering. At the network leve…

2021 retro-link! https://www.agwa.name/blog/post/ssh_signatures - It's now possible to sign arbitrary data with your SSH keys.

Fascinating informative thread on the recent ransomware attack on the British Library.
https://mastodon.social/@mttaggart@infosec.town/112060739690334632
I chafed a little at the introduction of MFA here, and the need to use a VPN to ssh into m…

❯❯ limactl start
? Creating an instance "default" Proceed with the current configuration
INFO[0013] Starting the instance "default" with VM driver "qemu"
INFO[0014] QEMU binary "/opt/homebrew/bin/qemu-system-aarch64" seems properly signed with the "com.apple.security.hypervisor" entitlement
INFO[0014] Attempting to download the image arch=aarch64 digest="sha256:1072e90dd339fd7ba1e82b6c1c3b03183287ca4a6da52c04eaeb0e5653a59bc7" location="https://cloud-images.ubuntu.com/releases/23.10/release-20240125/ubuntu-23.10-server-cloudimg-arm64.img"
Downloading the image (ubuntu-23.10-server-cloudimg-arm64.img)
682.69 MiB / 682.69 MiB [-----------------------------------] 100.00% 5.80 MiB/s
INFO[0132] Downloaded the image from "https://cloud-images.ubuntu.com/releases/23.10/release-20240125/ubuntu-23.10-server-cloudimg-arm64.img"
INFO[0133] Attempting to download the nerdctl archive arch=aarch64 digest="sha256:4bf3e05c7203a1b86c84a506d022f7f4d2727143c8031cd5e4b78ef03f0fdcda" location="https://github.com/containerd/nerdctl/releases/download/v1.7.3/nerdctl-full-1.7.3-linux-arm64.tar.gz"
Downloading the nerdctl archive (nerdctl-full-1.7.3-linux-arm64.tar.gz)
208.61 MiB / 208.61 MiB [-----------------------------------] 100.00% 5.36 MiB/s
INFO[0173] Downloaded the nerdctl archive from "https://github.com/containerd/nerdctl/releases/download/v1.7.3/nerdctl-full-1.7.3-linux-arm64.tar.gz"
INFO[0176] [hostagent] hostagent socket created at /Users/faucherd/.lima/default/ha.sock
INFO[0177] [hostagent] Using system firmware ("/opt/homebrew/share/qemu/edk2-aarch64-code.fd")
INFO[0177] [hostagent] Starting QEMU (hint: to watch the boot progress, see "/Users/faucherd/.lima/default/serial*.log")
INFO[0177] SSH Local Port: 60022
INFO[0177] [hostagent] Waiting for the essential requirement 1 of 4: "ssh"
INFO[0194] [hostagent] Waiting for the essential requirement 1 of 4: "ssh"
INFO[0194] [hostagent] The essential requirement 1 of 4 is satisfied
INFO[0194] [hostagent] Waiting for the essential requirement 2 of 4: "user session is ready for ssh"
INFO[0194] [hostagent] The essential requirement 2 of 4 is satisfied
INFO[0194] [hostagent] Waiting for the essential requirement 3 of 4: "sshfs binary to be installed"
INFO[0216] [hostagent] The essential requirement 3 of 4 is satisfied
INFO[0216] [hostagent] Waiting for the essential requirement 4 of 4: "/etc/fuse.conf (/etc/fuse3.conf) to contain \"user_allow_other\""
INFO[0219] [hostagent] The essential requirement 4 of 4 is satisfied
INFO[0219] [hostagent] Mounting "/Users/faucherd" on "/Users/faucherd"
INFO[0219] [hostagent] Mounting "/tmp/lima" on "/tmp/lima"
INFO[0219] [hostagent] Waiting for the optional requirement 1 of 2: "systemd must be available"
INFO[0219] [hostagent] Forwarding "/run/lima-guestagent.sock" (guest) to "/Users/faucherd/.lima/default/ga.sock" (host)
INFO[0219] [hostagent] The optional requirement 1 of 2 is satisfied
INFO[0219] [hostagent] Waiting for the optional requirement 2 of 2: "containerd binaries to be installed"
INFO[0219] [hostagent] Guest agent is running
INFO[0219] [hostagent] Not forwarding TCP 127.0.0.53:53
INFO[0219] [hostagent] Not forwarding TCP 127.0.0.54:53
INFO[0219] [hostagent] Not forwarding TCP [::]:22
INFO[0222] [hostagent] The optional requirement 2 of 2 is satisfied
INFO[0222] [hostagent] Waiting for the guest agent to be running
INFO[0222] [hostagent] Waiting for the final requirement 1 of 1: "boot scripts must have finished"
INFO[0235] [hostagent] The final requirement 1 of 1 is satisfied
INFO[0235] READY. Run `lima` to open the shell.
❯❯ lima
faucherd@lima-default:~$ pwd
/home/faucherd.linux
faucherd@lima-default:~$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=23.10
DISTRIB_CODENAME=mantic
DISTRIB_DESCRIPTION="Ubuntu 23.10"

Side affect of AWS' way on public IPv4 is that ssh access evolves to using Instance Connect with private sub nets.
https://aws.amazon.com/blogs/compute/new-using-amazon-ec2-instance-connect-for-ssh-access-to-your…

New: Using Amazon EC2 Instance Connect for SSH access to your EC2 Instances | Amazon Web Services
This post is courtesy of Saloni Sonpal – Senior Product Manager – Amazon EC2 Today, AWS is introducing Amazon EC2 Instance Connect, a new way to control SSH access to your EC2 instances using AWS Identity and Access Management (IAM). About Amazon EC2 Instance Connect While infrastructure as code (IaC) tools such as Chef and Puppet […]

Good write up from Kevin Beaumont: “Inside the failed attempt to backdoor SSH globally — that got caught by chance” | @…

https:/…

Inside the failed attempt to backdoor SSH globally — that got caught by chance
What happened here is now well documented elsewhere, so I shall not recap it much, but essentially somebody appears to have hijacked the open source XZ project by social engineering the volunteer…

Well that's not good: https://lobste.rs/s/uihyvs/backdoor_upstream_xz_liblzma_leading_ssh

Heise berichtet nun auch (inkl. Link zu einem Erkennungsskript):
Hintertür in #xz-Bibliothek gefährdet SSH-Verbindungen | heise online
https://www.

I just want a search and replace for every article about Russian or Chinese hackers to be replaced with rival football teams or your own state.
"The broncos leveraged a Cisco ASA vulnerability"
"California implanted a backdoor into ssh"
Instead of this nonsense xenophobic distraction about being at war with eastasia and needing permission to surveil all citizens.
#cybersecurity

Researchers find malicious code in versions of the Linux compression tool XZ Utils that were incorporated into unstable distributions from Red Hat and Debian (Dan Goodin/Ars Technica)
https://arstechnica.com/security/2024/

Backdoor found in widely used Linux utility breaks encrypted SSH connections
Malicious code planted in xz Utils has been circulating for more than a month.

i’m sure i’m not the first to make this but i haven’t seen one yet.
(context: https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/)<…

Backdoor found in widely used Linux utility targets encrypted SSH connections
Malicious code planted in xz Utils has been circulating for more than a month.

X: "I need SSH access to your server to do make that configuration change."
Me: "OK, send me your public key."
X: "I don't have a public key of that server. You need to send me username and password."
Me: 🤦‍♀️
Nope, you're definitely not tech savvy enough that I would allow you with SSH on my server.
#infosec

🔐 #SSH based comment system
https://blog.haschek.at/2023/ssh-based-comment-system.html

Habe beim Tippen in Vim (in Gnome Terminal in Gnome Flashback mit xmonad in Ubuntu 22.04) in letzter Zeit oft einen unglaublichen LAG als ob es via SSH über eine schwache Verbindung wäre, was geht

Backdoor found in widely used Linux utility targets encrypted SSH connections
Oh, yeah, ma
Yeah, I'm a back door man
I'm a back door man
/ the doors

I've set up git commit signing with SSH. It was relatively easy, and did not need any GPG cruft.
https://calebhearth.com/sign-git-with-ssh

Well that's not good: https://lobste.rs/s/uihyvs/backdoor_upstream_xz_liblzma_leading_ssh

#TechnikDieBegeistert
Mitten in der Aufnahme von Radio Irrtum! Ausgabe 05/2024 und wundere mich, warum meine .flac Audios mittendrin Aussetzer haben?!
Hmm...
Sollte wirklich?...
```
ssh $fileserver
cat /proc/mdstat
```
:(
Tatsache. Das RAID baut sich gerade anlasslos (!) neu.
Also schon mit einem Anlass: Ubuntu meint, das alle pa…

xz Utils
Backdoor found in widely used Linux utility breaks encrypted SSH connections | Ars Technica
https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ss…

This https://arxiv.org/abs/2404.08232 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csCR_…

Navigating Quantum Security Risks in Networked Environments: A Comprehensive Study of Quantum-Safe Network Protocols
The emergence of quantum computing poses a formidable security challenge to network protocols traditionally safeguarded by classical cryptographic algorithms. This paper provides an exhaustive analysis of vulnerabilities introduced by quantum computing in a diverse array of widely utilized security protocols across the layers of the TCP/IP model, including TLS, IPsec, SSH, PGP, and more. Our investigation focuses on precisely identifying vulnerabilities susceptible to exploitation by quantum ad…

This https://arxiv.org/abs/2307.09757 has been replaced.
initial toot: https://mastoxiv.page/@a…

Emergence of two-fold non-Hermitian spectral topology through synthetic spin engineering
The union of topology and non-Hermiticity has led to the unveiling of many intriguing phenomena. We introduce a synthetic spin-engineered model belonging to symmetry class AI, which is a rare occurrence, and demonstrate the emergence of a multi-fold spectral topology. As an example of our proposal, we engineer non-Hermiticity in the paradigmatic Su-Schrieffer-Heeger (SSH) model by introducing a generalized synthetic spin, leading to an emergent two-fold spectral topology that governs the decoup…

@… If you're interested, I think I have the TCP/IP and SSH stack done enough for at least the beginnings of a source review.
This is the base stack so the BSP stuff for my current board (i.e. the FPGA accelerator integration and FPGA Ethernet-over-QSPI MAC are not included) but this is probably most of the attack surface.

staticnet/ssh at master · azonenberg/staticnet
C++ TCP/IP and SSH stack with bounded run time and no dynamic memory allocations - azonenberg/staticnet

komisch
mein SSH braucht irgendwie 0.4 sekunden länger als sonst

Not to argue with the dude, but he’s massively overthought the problem. In the real world, letting anyone from anywhere to log in via SSH if they have a correct username password or crypto key isn’t a common operational need. By default, packets to port 22 should be ignored or externally excluded.
The universe of legitimate users’ client IPs for most SSH-able hosts is minuscule in network terms. Worst case scenario: allow-list by ASN. Or /8.

Rob Ricci (@ricci@discuss.systems)
Attached: 1 image Hey! Let's talk about #SSH and #security! If you've ever looked at SSH server logs you know what I'm about to say: Any SSH server connected to the public Internet is getting bombarded by constant attempts to log in. Not just a few of them. A *lot* of them. Sometimes even dozens per second. And this problem is not going away; it is, in fact, getting worse. And attackers' behavior is changing. The graph attached to this post shows the number of attempted SSH logins per day to…

Yow! backdoor in upstream xz/liblzma leading to ssh server compromise: #infosec

Okay, not gonna lie: Soft Serve is friggin awesome. I think I'm gonna keep this and use it to backup some of the critical server configurations and such. Just something magical `ssh`-ing into a TUI for a `git` server. #homelab

On my machines, I have begun to disable SSH on IPv4 and replaced it with a tarpit instead. :drgn_comfy_evil:
#SSH #SysAdmin #Tarpit

Good thread on Twitter on burnout leading to the ssh on Linux hack.
We need to support a Job Guarantee for tech:
https://a.co/d/1rDUKEQ
Every time someone posts this photo:

Details matter! Clifford Stoll identified a KGB attacker by looking at an accounting error of 75 cents, @… found a well-planed ssh attack by investigating unexpected CPU spikes.
#security

Does anyone know or have any suspicions of who is behind the #ssh #xz backdoor? I'm unable to find anything about that.

How to effortlessly setup Yubikeys for SSH/GIT on WSL https://threatzer.com/posts/wsl-yubikeys/

Universal non-Hermitian flow in one-dimensional PT-symmetric quantum criticalities
Xin-Chi Zhou, Ke Wang
https://arxiv.org/abs/2405.01640 https://

Universal non-Hermitian flow in one-dimensional PT-symmetric quantum criticalities
The critical point of a topological phase transition is described by a conformal field theory (CFT), where the finite-size corrections to the ground state energy are uniquely related to its central charge. We study the finite-size scaling of the energy of non-Hermitian Su-Schrieffer-Heeger (SSH) model with parity and time-reversal symmetry ($\mathcal{PT}$) symmetry. We find that under open boundary condition (OBC), the energy scaling $E(L)\sim c/L$ reveals a negative central charge $c=-2$ at th…

Did you know this #SSH jump host solution is used by some low end #hosting providers? ...and apparently some Fortune 500 companies, although I doubt many would seriously deploy this widely. Discuss. :-) https://www.ezeelogin.com/kb/article/setup-and-configure-ssh-jump-server-2.html

uh... this looks bad, xz-utils upstream packages have been backdoored. it appears many conditions need to apply to be affected, still very concerning https://www.openwall.com/lists/oss-security/2024/03/29/4

Apparently my ssh is actually publicly accessible. Oh what a joy…
I guess I’ll just have to reinstall then
This is the time in which y’all NixOSers flex in the comments.

Fun network debugging story that I won't spoil.
http://beza1e1.tuxen.de/lore/little_ssh_couldnt.html

I bought a TP-Link Wi-Fi AP thinking maybe it would give me more control than my ISP router, specifically over the channel width.
Well, it does have a channel width setting. The only options are 80 MHz and 160 MHz (I wanted narrower), and if I set it to 80, sometimes it changes itself back to 160.
Also, this can only be configured in the phone app. There is only a read-only web UI, and no SSH/telnet access.

This also affects fedora and various other distributions as well. See https://www.openwall.com/lists/oss-security/2024/03/29/4 for the official report.

Am dritten Tage mask-removed von dem Testing, downgegraded zu dem Stable; er lasse die Finger von SSH, des verschlüsselten Zugriffs. Denn dort wirds sonst brechen die Testenden und das Prod.
#xz #ITOstern

Predicting SSH keys in Open SSH Memory dumps
Florian Rascoussier
https://arxiv.org/abs/2404.16838 https://arxiv.org/pdf/2404.16838

Predicting SSH keys in Open SSH Memory dumps
As the digital landscape evolves, cybersecurity has become an indispensable focus of IT systems. Its ever-escalating challenges have amplified the importance of digital forensics, particularly in the analysis of heap dumps from main memory. In this context, the Secure Shell protocol (SSH) designed for encrypted communications, serves as both a safeguard and a potential veil for malicious activities. This research project focuses on predicting SSH keys in OpenSSH memory dumps, aiming to enhance …

Habe seit langem mal wieder tftp und telnet benutzt…
Absolut fürchterlich, wie konnten wir früher nur damit leben?
Zum Glück haben wir inzwischen ssh!
#ssh #telnet #ftp

Ne Android-App um per SSH auf uberspace zuzugreifen - gibt es sowas?
[ob ich diesen Kackbürorechner schon verflucht habe fragte ich!!!]

Almost an hour trying (unsuccessfully) to create an ssh tunnel to my home server on Cloudflare. In desperation and disbelief, I delete the tunnel, the application and its policies to start again for the fourth time, but now doing exactly the same as the first time.
You know how you have to perform a different action to get a different result? Well, here I am scratching my head like a moron.
#selfhosing

You've probably seen it elsewhere already, but: xz-utils 5.6.0 and 5.6.1 release tarballs contain an elaborate exploit that injects a backdoor into SSH. #Gentoo systems shouldn't be affected since our OpenSSH doesn't link to liblzma — apparently the exploit targets distributions that patch OpenSSH to link with libsystemd, which in turn may link to liblzma. However, it's not clear if the exploits doesn't do anything else, so we've masked the new versions.
lzip is not affected.
https://www.openwall.com/lists/oss-security/2024/03/29/4

New #PiHole update is out.
SSH in and type “pihole -up” to update.

did you know⁉️ 🔐 🚀
the "authorized_keys" supports several options for each ssh key ?
for instance: if you use a ssh server for a tunnel, you can permit access only to specific servers.
#linux #devops

I stopped messing with client certificates and went back to good old HTTP basic authentication for my little digital light switch panel.
It's a shame nobody cares about TLS client certificates. With a bit more effort we could've gotten rid of passwords a long time ago.
I wish there was something like SSH keys for the web.
Yeah I know, Passkeys are a thing... but also not really.
#http

A backdoor in a popular Linux utility has been discovered, compromising encrypted SSH connections. https://reddit.com/r/cybersecurity/comments/1brdrgc/

Morgenlektüre gefällig? @… hat zusammengetragen was wir über #xz und den Angriff auf praktisch alle ssh-Logins weltweit wissen.

Looking at this xz exploit. It's almost a Rube Goldberg machine in how it works, at least what has been observed so far. Seems to require Glibc specifically, systemd, the compromised liblzma, and openssh patched to enable systemd notification.
Nice to know that my own ssh portal into my lan is likely unaffected due to having a different libc and init system. Not so nice to know how sophisticated the explore mechanism was, and how close it came to production systems.

An Analysis of the DHEat DoS Against SSH in Cloud Environments https://www.positronsecurity.com/blog/2024-04-23-an-analysis-of-dheat-dos-against-ssh-in-cloud-environments/

Don't miss today's Metacurity for the top infosec development you should know, including
--The iSoon leak exposes vast details on China's offensive cyber operations
--Apple gears up for quantum computing with new defensive protocol,
--State Dept. ups rewards for LockBit gang info,
--Oz finance dept. beset by another data leak,
--Chinese nationals found guilty of defrauding Apple,
--PSI Software confirms ransomware attack,
--SSH-Snake hunts for private keys,
--much more
https://www.metacurity.com/p/isoon-leak-exposes-vast-details-chinas-offensive-cyber-operations

Looks like there has been a long game to introduce an SSH exploit through #xz / #liblzma.
Details on which systems are at risk here:
https://

liblzma and xz version 5.6.0 and 5.6.1 are vulnerable to arbitrary code execution compromise - Xe Iaso

Probing the topological phase transition in the Su-Schrieffer-Heeger model using Rydberg-atom synthetic dimensions
Yi Lu, Chuanyu Wang, Soumya K. Kanungo, F. Barry Dunning, Thomas C. Killian
https://arxiv.org/abs/2404.18420

Probing the topological phase transition in the Su-Schrieffer-Heeger model using Rydberg-atom synthetic dimensions
We simulate the the Su-Schrieffer-Heeger (SSH) model using Rydberg-atom synthetic dimensions constructed, in a single atom, from a ladder of six neighboring $n\:^3S_1$ Rydberg states in which adjacent states are coupled with two-photon transitions using microwave fields. Alternating strong/weak tunneling rates, controlled by adjusting the microwave amplitudes, are varied to map out the topological phase transition as a function of the ratio of the tunneling rates. For each ratio, quench dynam…

@… My answer would be the infamous: It depends.
Not all tools suppprt the PAT mechanism, so falling back to SSH makes sense.
If I’m configuring an automated tool to run unsupervised, I’d feel more strongly that it’s critical to limit the scope of what it can do, in case of mistakes or bad actors, for a tool I’m directly interacting with, that’s le…

it's so funny to me that a normal, understandable, two page sized python program can implement a real hardware NIC driver that someone can use for realtime work like typing in an SSH session, under concurrent heavy load, and it gives you single ms digit latency
this is the entire transmit queue code. you can look at it in its entirety on one editor screen and understand it. it uses normal python idioms and doesn't even touch USB directly
60 Mbps on CPython, 80 on PyPy

Yikes… upstream xz/lzma repository compromised, hostile code injected into sshd in distros with newer packages #Linux

You've probably seen it elsewhere already, but: xz-utils 5.6.0 and 5.6.1 release tarballs contain an elaborate exploit that injects a backdoor into SSH. #Gentoo systems shouldn't be affected since our OpenSSH doesn't link to liblzma — apparently the exploit targets distributions that patch OpenSSH to link with libsystemd, which in turn may link to liblzma. However, it's not clear if the exploits doesn't do anything else, so we've masked the new versions.
lzip is not affected.
https://www.openwall.com/lists/oss-security/2024/03/29/4

okay, it's pretty wild that with the #xz stuff there might never be a reliable network scanner for it (which seems like the most metal of exploits, but also might be just a limitation of over-the-network scans vs binary analysis)
e.g., if you don't have the secret key, it acts like normal
so there's no tell that it's a backdoor
unless there's some sort of bug in the logic
unless you somehow get the private key in a leak, in which case... try to log into all SSH daemons.

Told my cat about the whole SSH xz thing but she just sneezed on my monitor and went back to sleep

fun, postmarketos is doing the thing again where it can connect to the internet but not resolve domains

Technical sysadmin-ish question. We've had our family mail hosted at a bullshit rinky-dink server since forever, we pay too much, and today we had a mail glitch because some bullshit automated IP address filter triggered.
So, what's the process for transferring a domain name, plus all the IMAP mail on those servers? We have ssh access to a server, even. I researched this once, I think something like "Dovecot" is part of the answer. Not sure if I should look at blueho…

A backdoor in a popular Linux utility has been discovered, compromising encrypted SSH connections. https://reddit.com/r/cybersecurity/comments/1brdrgc/

problem of using @… ssh lol:
Setting up tailscale (1.60.0) ...
Connection to pi5 closed by remote host.
Connection to pi5 closed.

Told my cat about the whole SSH xz thing but she just sneezed on my monitor and went back to sleep

Linux: oh no someone installed a very complex hidden backdoor on SSH please everyone panic
Windows: looks like we are installing a new service that leaks data on all servers without asking. Deal with it.

CloudFlare is simply amazing. I have now SSH terminal in a browser on https://srv.nowicki.dev with a proper authentication and everything.
All in less than 5 minutes.

holy shit, i... solved bufferbloat (in one direction) in my userspace Python Linux network interface card driver in Glasgow?
i'm sending 200 Mbps of spam to Wanda's laptop right now (most of which doesn't fit into the 100M link) and pings never go above 25ms
also she gets acceptable realtime performance (ssh, etc)
I: g.applet.interface.ethernet_rgmii: usb->os pps= 16 Mbps= 0.03
I: g.applet.interface.ethernet_rgmii: os->usb pps=17862 Mbps=215.87

Anyone got a good suggestion as to why pledge: filesystem during ssh login might be hanging for 90s? dmesg and sshd logs have nothing obvious. Nothing helpful in the internet searches either.

The one thing I am dreading about Godot/iPad is setting up the CI on Xcode Cloud.
Those devices are powered by modded raspberry pis running MacOS.
I am thinking that one hack might be to use GitHub CI custom runners that SSH into my Studio to do the heavy lifting, and then use those binaries as the input to Xcode Cloud.

«Die Feiertage. Die ganzen IT-Abteilungen feiern mit der Familie… Die ganzen IT-Abteilungen? Nein! Eine von unbeugsamen Open-Source-Enthusiasten bevölkerte Mailingliste hört nicht auf, den Eindringlingen Widerstand zu leisten.»
#xz #xzbackdoor #lzma #ssh
https://dnip.ch/2024/04/02/xz-open-source-ostern-welt-retten/

oss-security - Backdoor in upstream xz/liblzma leading to ssh server compromise https://www.openwall.com/lists/oss-security/2024/03/29/4

An upstream xz/liblzma backdoor leads to an SSH server compromise. https://reddit.com/r/cybersecurity/comments/1bqw8yc/

Guess who figured out how to SSH into a server and rename an errant WP plugin from the terminal!! THIS GIRL!! All while James was asleep, I could've not told him but I figured he might be proud of me for figuring it out myself.
HACKER WOMAN!!!!

I installed #LibreElec on a pi4. During setup, it asked if I wanted to enable sshd (which, like, *of course* I do).
Then it told me the default login and password, and suggested that I change the password. Okay, sure, good idea. I tried a shared, memorable password I use for home appliance devices (NAT'd & only accessible via sudo, as I use ssh keys). "Password too weak&…

An upstream xz/liblzma backdoor leads to an SSH server compromise. https://reddit.com/r/cybersecurity/comments/1bqw8yc/

Electron conductance of a cavity-embedded topological 1D chain
Danh-Phuong Nguyen, Geva Arwas, Cristiano Ciuti
https://arxiv.org/abs/2402.19244 https://

Electron conductance of a cavity-embedded topological 1D chain
We investigate many-body topological and transport properties of a one-dimensional Su-Schrieffer-Heeger (SSH) topological chain coupled to the quantum field of a cavity mode. The quantum conductance is determined via Green's function formalism in terms of light-matter eigenstates calculated via exact diagonalization for a finite number of electrons. We show that the topology of the cavity-embedded many-electron system is described by a generalized electron-photon Zak marker. We reveal how the q…

VNC through ssh tunnel http://localhost

Dynamic Phase Enabled Topological Mode Steering in Composite Su-Schrieffer-Heeger Waveguide Arrays
Min Tang, Chi Pang, Christian N. Saggau, Haiyun Dong, Ching Hua Lee, Ronny Thomale, Sebastian Klembt, Ion Cosma Fulga, Jeroen Van Den Brink, Yana Vaynzof, Oliver G. Schmidt, Jiawei Wang, Libo Ma
https://arxiv.org/abs/2403.19427

Dynamic Phase Enabled Topological Mode Steering in Composite Su-Schrieffer-Heeger Waveguide Arrays
Topological boundary states localize at interfaces whenever the interface implies a change of the associated topological invariant encoded in the geometric phase. The generically present dynamic phase, however, which is energy and time dependent, has been known to be non-universal, and hence not to intertwine with any topological geometric phase. Using the example of topological zero modes in composite Su-Schrieffer-Heeger (c-SSH) waveguide arrays with a central defect, we report on the selecti…

Switched to dropbear for now because bloody hell, waiting for 90s on every ssh/scp is painful.

Alright, what's everyone's favorite (#selfhosted) blog software these days? Ideally something that doesn't require complicated setup (ie, Ghost is overkill, and I definitely don't need something backed by mysqld) and a million dependencies. I'd be fine with anything from uploading markdown text files over ssh, to editing with a web interface for new posts.
Also n…

Topology in a Su--Schrieffer--Heeger plasmonic crystal
D. A. Miranda, Y. V. Bludov, N. Asger Mortensen, N. M. R. Peres
https://arxiv.org/abs/2404.19576 htt…

Topology in a Su--Schrieffer--Heeger plasmonic crystal
In this paper we study the topology of the bands of a polaritonic crystal composed of graphene and of a metallic grating. We first derive a Kronig--Penney type of equation for the polaritonic bands as function of the Bloch wavevector and discuss the propagation of the surface plasmon polaritons on the polaritonic crystal using a transfer-matrix approach. Secondly, we reformulate the problem as a tight-binding model that resembles the Su--Schrieffer-Heeger (SSH) Hamiltonian, one difference being…

Magnetic, charge, and bond order in the two-dimensional Su-Schrieffer-Heeger-Holstein model
Max Casebolt, Chunhan Feng, Richard T. Scalettar, Steven Johnston, G. G. Batrouni
https://arxiv.org/abs/2403.15386

Magnetic, charge, and bond order in the two-dimensional Su-Schrieffer-Heeger-Holstein model
Most nonperturbative numerical studies of electron-phonon interactions focus on model Hamiltonians where the electrons interact with a phonon branch via a single type of microscopic mechanism. Two commonly explored couplings in this context are the Holstein and Su-Schrieffer-Heeger (SSH) interactions, which describe phonons modulating the on-site energy and intersite electron hopping, respectively. Many materials, however, have multiple phonon branches that can each interact with electronic deg…

This https://arxiv.org/abs/2404.11084 has been replaced.
initial toot: https://mastoxiv.page/@arX…

Observation of Young's double-slit phenomenon in anti-PT-symmetric electrical circuits
In the last few decades, interference has been extensively studied in both the quantum and classical fields, which reveals light volatility and is widely used for high-precision measurements. We have put forward the phenomenon in which the discrete diffraction and interference phenomena, presented by the time-varying voltage of a Su-Schrieffer-Heeger (SSH) circuit model with an anti-PT symmetry (APT) symmetry. To demonstrate Young's double-slit phenomenon in an APT circuit, we initially explore…

If you have a shoe string budget and can't afford a service like @… (and/or you're depending on fail2ban as a preventative control), this Dictionary Based Blocking looks to be very effective.
This research paper has tons of interesting tidbits. Worth the read! Or if you're going to #NSDI24, you can see a presentation by @…
#infosec #ssh #bruteforce #hacking #research
https://discuss.systems/@ricci/112247553557306560

Dynamic Phase Enabled Topological Mode Steering in Composite Su-Schrieffer-Heeger Waveguide Arrays
Min Tang, Chi Pang, Christian N. Saggau, Haiyun Dong, Ching Hua Lee, Ronny Thomale, Sebastian Klembt, Ion Cosma Fulga, Jeroen Van Den Brink, Yana Vaynzof, Oliver G. Schmidt, Jiawei Wang, Libo Ma
https://arxiv.org/abs/2403.19427

Dynamic Phase Enabled Topological Mode Steering in Composite Su-Schrieffer-Heeger Waveguide Arrays
Topological boundary states localize at interfaces whenever the interface implies a change of the associated topological invariant encoded in the geometric phase. The generically present dynamic phase, however, which is energy and time dependent, has been known to be non-universal, and hence not to intertwine with any topological geometric phase. Using the example of topological zero modes in composite Su-Schrieffer-Heeger (c-SSH) waveguide arrays with a central defect, we report on the selecti…

Topological Edge States in Reconfigurable Multi-stable Mechanical Metamaterials
Zhen Wang, Feiyang Sun, Xiaodong Xu, Xin Li, Chuanqing Chen, Minghui Lu
https://arxiv.org/abs/2402.07707

Topological Edge States in Reconfigurable Multi-stable Mechanical Metamaterials
Multi-stable mechanical structures find cutting-edge applications across various domains due to their reconfigurability, which offers innovative possibilities for engineering and technology advancements. This study explores the emergence of topological states in a one-dimensional chain-like multi-stable mechanical metamaterial composed of bistable units through a combination of mechanical and optical experiments. Drawing inspiration from the SSH (Su-Schrieffer-Heeger) model in condensed matter …

This https://arxiv.org/abs/2404.11084 has been replaced.
initial toot: https://mastoxiv.page/@arX…

Observation of Young's double-slit phenomenon in anti-PT-symmetric electrical circuits
In the last few decades, interference has been extensively studied in both the quantum and classical fields, which reveals light volatility and is widely used for high-precision measurements. We have put forward the phenomenon in which the discrete diffraction and interference phenomena, presented by the time-varying voltage of a Su-Schrieffer-Heeger (SSH) circuit model with an anti-PT symmetry (APT) symmetry. To demonstrate Young's double-slit phenomenon in an APT circuit, we initially explore…

Navigating Quantum Security Risks in Networked Environments: A Comprehensive Study of Quantum-Safe Network Protocols
Yaser Baseri, Vikas Chouhan, Abdelhakim Hafid
https://arxiv.org/abs/2404.08232

Navigating Quantum Security Risks in Networked Environments: A Comprehensive Study of Quantum-Safe Network Protocols
The emergence of quantum computing poses a formidable security challenge to network protocols traditionally safeguarded by classical cryptographic algorithms. This paper provides an exhaustive analysis of vulnerabilities introduced by quantum computing in a diverse array of widely utilized security protocols across the layers of the TCP/IP model, including TLS, IPsec, SSH, PGP, and more. Our investigation focuses on precisely identifying vulnerabilities susceptible to exploitation by quantum ad…

If you have a shoe string budget and can't afford a service like @… (and/or you're depending on fail2ban as a preventative control), this Dictionary Based Blocking looks to be very effective.
This research paper has tons of interesting tidbits. Worth the read! Or if you're going to #NSDI24, you can see a presentation by @…
#infosec #ssh #bruteforce #hacking #research
https://discuss.systems/@ricci/112247553557306560

Towards electrical domain-wall control in polyacetylene-based electronic nanodevices
Leandro M. Arancibia, Andr\'es I. Bertoni, Cristi\'an G. S\'anchez, Alejandro M. Lobos
https://arxiv.org/abs/2404.15257

Towards electrical domain-wall control in polyacetylene-based electronic nanodevices
We theoretically propose a polymer-based nano-device consisting of a single trans-polyacetylene (tPA) molecule capacitively coupled to external voltage gates. We model the integrated device using a Su-Schrieffer-Heeger (SSH)-like Hamiltonian, and we demonstrate the emergence of localized domain walls (DWs) with quantized charges (i.e., soliton excitations) localized at the gates. Interestingly, by increasing the applied voltage, multiple discrete charges can be accumulated, which may be useful …

Quantum geometric tensor and the topological characterization of the extended Su-Schrieffer-Heeger model
Xiang-Long Zeng, Wen-Xi Lai, Yi-Wen Wei, Yu-Quan Ma
https://arxiv.org/abs/2404.08222

Quantum geometric tensor and the topological characterization of the extended Su-Schrieffer-Heeger model
We investigate the quantum metric and topological Euler number in a cyclically modulated Su-Schrieffer-Heeger (SSH) model with long-range hopping terms. By computing the quantum geometry tensor, we derive exactly expressions for the quantum metric and Berry curvature of the energy band electrons, and we obtain the phase diagram of the model marked by the first Chern number. Furthermore, we also obtain the topological Euler number of the energy band based on the Gauss-Bonnet theorem on the topol…

Topological Edge States in Reconfigurable Multi-stable Mechanical Metamaterials
Zhen Wang, Feiyang Sun, Xiaodong Xu, Xin Li, Chuanqing Chen, Minghui Lu
https://arxiv.org/abs/2402.07707

Topological Edge States in Reconfigurable Multi-stable Mechanical Metamaterials
Multi-stable mechanical structures find cutting-edge applications across various domains due to their reconfigurability, which offers innovative possibilities for engineering and technology advancements. This study explores the emergence of topological states in a one-dimensional chain-like multi-stable mechanical metamaterial composed of bistable units through a combination of mechanical and optical experiments. Drawing inspiration from the SSH (Su-Schrieffer-Heeger) model in condensed matter …

Scattering Singularity in Topological Dielectric Photonic Crystals
Langlang Xiong, Xunya Jiang, Guangwei Hu
https://arxiv.org/abs/2403.11613 https://

Scattering Singularity in Topological Dielectric Photonic Crystals
The exploration of topology in natural materials and metamaterials has garnered significant attention. Notably, the one-dimensional (1D) and two-dimensional (2D) Su-Schrieffer-Heeger (SSH) model, assessed through tight-binding approximations, has been extensively investigated in both quantum and classical systems, encompassing general and higher-order topology. Despite these advancements, a comprehensive examination of these models from the perspective of wave physics, particularly the scatteri…

This https://arxiv.org/abs/2404.11084 has been replaced.
initial toot: https://mastoxiv.page/@arX…

Observation of Young's double-slit phenomenon in anti-PT-symmetric electrical circuits
In the last few decades, interference has been extensively studied in both the quantum and classical fields, which reveals light volatility and is widely used for high-precision measurements. We have put forward the phenomenon in which the discrete diffraction and interference phenomena, presented by the time-varying voltage of a Su-Schrieffer-Heeger (SSH) circuit model with an anti-PT symmetry (APT) symmetry. To demonstrate Young's double-slit phenomenon in an APT circuit, we initially explore…

Weakly interacting one-dimensional topological insulators: a bosonization approach
Polina Matveeva, Dmitri Gutman, Sam T. Carr
https://arxiv.org/abs/2402.07239

Weakly interacting one-dimensional topological insulators: a bosonization approach
We investigate the topological properties of one-dimensional weakly interacting topological insulators using bosonization. To do that we study the topological edge states that emerge at the edges of a model realized by a strong impurity or at the boundary between topologically distinct phases. In the bosonic model, the edge states are manifested as degenerate bosonic kinks at the boundaries. We first illustrate this idea on the example of the interacting Su-Schrieffer-Heeger (SSH) chain. We com…

Observation of Young's double-slit phenomenon in anti-PT-symmetric electrical circuits
Xiumei Wang, Keyu Pan, Xizhou Shen, Xingping Zhou
https://arxiv.org/abs/2404.11084

Observation of Young's double-slit phenomenon in anti-PT-symmetric electrical circuits
In the last few decades, interference has been extensively studied in both the quantum and classical fields, which reveals light volatility and is widely used for high-precision measurements. We have put forward the phenomenon in which the discrete diffraction and interference phenomena, presented by the time-varying voltage of a Su-Schrieffer-Heeger (SSH) circuit model with an anti-PT symmetry (APT) symmetry. To demonstrate Young's double-slit phenomenon in an APT circuit, we initially explore…

Extreme anti-ohmic conductance enhancement in neutral diradical acene-like molecular junctions
Brent Lawson, Efrain Vidal, Michael M. Haley, Maria Kamenetska
https://arxiv.org/abs/2403.04906

Extreme anti-ohmic conductance enhancement in neutral diradical acene-like molecular junctions
We achieve, at room temperature, conductance enhancements over two orders of magnitude in single molecule circuits formed with polycyclic benzoquinoidal (BQn) diradicals upon increasing molecular length by ~0.5 nm. We find that this extreme and atypical anti-ohmic conductance enhancement at longer molecular lengths is due to the diradical character of the molecules, which can be described as a topologically non-trivial electronic state. We adapt the 1D-SSH model originally developed to examine …